fix(n1-api-calls): Omit span URL subdomain from fingerprinting (getse…

…ntry#43706)

Closes PERF-1937. Sometimes we get spans with URLs like
`"http://<client>.service.io/resource"` in them. The `<client>` is a
hard-to-parameterize string of some kind. This causes a fingerprint
explosion if different transactions are getting data from different
clients.

Omit the subdomain from fingerprinting (but leave detection alone). For
fingerprinting, we actually _want_ to ignore this, and only fingerprint
on the path. There's basically no scenario where an application would
use the same path structure from different domains and it's _not_ an
error.

src/sentry/utils/performance_issues/performance_detection.py

@@ -864,12 +864,8 @@ def _maybe_store_problem(self):
 
     def _fingerprint(self) -> str:
         parameterized_first_url = self.parameterize_url(get_url_from_span(self.spans[0]))
-
-        parts = parameterized_first_url.split("?")
-        if len(parts) > 1:
-            [path, _query] = parts
-        else:
-            path = parts[0]
+        parsed_first_url = urlparse(parameterized_first_url)
+        path = parsed_first_url.path
 
         fingerprint = hashlib.sha1(path.encode("utf8")).hexdigest()
 

tests/sentry/utils/performance_issues/test_n_plus_one_api_calls_detector.py

@@ -179,14 +179,14 @@ def test_fingerprints_different_relative_url_separately(self):
 
         assert problem1.fingerprint != problem2.fingerprint
 
-    def test_fingerprints_using_full_url_path(self):
+    def test_ignores_hostname_for_fingerprinting(self):
         event1 = self.create_event(lambda i: f"GET http://service.io/clients/info?id={i}")
         [problem1] = self.find_problems(event1)
 
         event2 = self.create_event(lambda i: f"GET /clients/info?id={i}")
         [problem2] = self.find_problems(event2)
 
-        assert problem1.fingerprint != problem2.fingerprint
+        assert problem1.fingerprint == problem2.fingerprint
 
 
 @pytest.mark.parametrize(